Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-02 11:57:41 UTC
 Tool: Andromeda
Names
Andromeda
Gamarue
B106-Gamarue
B67-SS-Gamarue
b66
Category Malware
Type Botnet, Downloader
Description
(Avast) Andromeda is one of the longest running and most prevalent malware families
to have existed. Andromeda was first discovered in late 2011 and it probably evolved
from ngrBot/DorkBot. Throughout its existence, the groups behind Andromeda have
used various methods to spread the malware and infect users.
Information
MITRE ATT&CK Malpedia Last change to this tool card: 30 November 2023
Download this tool card in JSON format
All groups using tool Andromeda
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=67a1d20f-99b7-44ce-bb05-2464d2819fb6
Page 1 of 2

Changed Name Country Observed
Other groups
  Andromeda Spider 2011-Nov 2017
1 group listed (0 APT, 1 other, 0 unknown)
↑
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=67a1d20f-99b7-44ce-bb05-2464d2819fb6
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=67a1d20f-99b7-44ce-bb05-2464d2819fb6
Page 2 of 2